85 matches found
IBC Solar ServeMaster Plain Text Password Vulnerability
ServeMaster TLP+ and Danfoss TLX Pro+ are web-based SCADA systems. A plain text password vulnerability exists in ServeMaster TLP+ and Danfoss TLX Pro+. An attacker can exploit this vulnerability to obtain a plain text password by viewing the web page source code...
IBC Solar ServeMaster Source Code Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified three vulnerabilities in IBC Solar products. The vulnerabilities are disclosure of applications source code, plain text passwords, and cross site scripting. IBC Solar has not produced a patch to mitigate these vulnerabilities. These...
HP's Zero Day Initiative Changes Bug-Buying Guidelines
HP’s Zero Day Initiative has decided to adjust its guidelines and criteria or buying some vulnerabilities in the future, eliminating some large classes of bugs from its menu. The group, which has been among the more visible and prominent of the vulnerability purchasing programs since its inceptio...
Trihedral Engineering Limited VTScada Integer Overflow Vulnerability
OVERVIEW An anonymous researcher working with HP’s Zero Day Initiative has identified an integer overflow vulnerability in Trihedral Engineering Ltd’s VTScada application. Trihedral Engineering Limited has produced a patch that mitigates this vulnerability. This vulnerability could be exploited...
New Variant of Havex Malware Scans for OPC Servers at SCADA Systems
At the beginning of the month, we have reported about the new surge of a Stuxnet-like malware “Havex”, which was previously targeting organizations in the energy sector, had been used to carry out industrial espionage against a number of companies in Europe and compromised over 1,000 European and...
Dragonfly Russian Hackers Target 1000 Western Energy Firms
Gone are the days when cyber criminals focuses only on PCs to spread malwares and target people, whether it’s ordinary or a high profile person. Nowadays, organizations in the energy sector have become an interesting target for cyber minds. Few days ago, security researchers uncovered a...
Stuxnet-like 'Havex' Malware Strikes European SCADA Systems
Security researchers have uncovered a new Stuxnet like malware, named as “Havex”, which was used in a number of previous cyber attacks against organizations in the energy sector. Just like Famous Stuxnet Worm, which was specially designed to sabotage the Iranian nuclear project, the new trojan...
Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-259-01 Schneider Electric SCADA Expert ClearSCADA Vulnerabilities that was published September 16, 2014, on the NCCIC/ICS-CERT web site. Independent researcher Aditya Sood has identified a weak hashing algorithm...
ICS-CERT Confirms Public Utility Compromised Recently
Attackers recently compromised a utility in the United States through an Internet-connected system that gave the attackers access to the utility’s internal control system network. The utility, which has not been named, had remote access enabled on some of its Internet-connected hosts and the...
OpenICS ICS Protocol Decoder Builds Data Dictionaries
Industrial control system security has been called archaic, laughable and even non-existent. Most ICS and SCADA systems weren’t built with the Internet in mind, much less security, but yet they are at the forefront of manufacturing, building automation and critical infrastructure operations...
Siemens SINEMA Vulnerabilities
OVERVIEW Siemens has identified vulnerabilities in SINEMA server. Siemens has produced a software update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens product is affected: SINEMA server: all versions prior to V12 S...
Siemens Fixes Authentication Bugs in Scalance X-200 Switches
Researchers have discovered two serious vulnerabilities in industrial Ethernet switches manufactured by Siemens that could enable attackers to perform unauthorized actions on the switches without authentication. One of the bugs allows attackers to hijack Web sessions and the other enables them to...
ICS Vendor Fixes Hard-Coded Credential Bugs Nearly Two Years After Advisory
Nearly two years after a security researcher published details of the hard-coded credentials that ship with a slew of industrial control system products made by Schneider Electric, the company has released updated firmware that fix the problems. The vulnerabilities, which were discovered by...
Sixnet Universal Protocol Undocumented Function Codes (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-13-231-01A Sixnet Universal Protocol Undocumented Function Codes that was published August 26, 2013, on the ICS-CERT Web page. --------- Begin Update B Part 1 of 1 -------- Researchers Kyle Stone and Mehdi Sabraoui...
Stuxnet is Back ! Iran reported another cyber attack
Iran claims to have repelled a fresh cyber attack on its industrial units in a southern province. In the last few years, various Iranian industrial, nuclear and government bodies have recently come under growing cyber attacks, widely believed to be designed and staged by the US and Israel. A powe...
Stuxnet is Back ! Iran reported another cyber attack
Iran claims to have repelled a fresh cyber attack on its industrial units in a southern province. In the last few years, various Iranian industrial, nuclear and government bodies have recently come under growing cyber attacks, widely believed to be designed and staged by the US and Israel. A powe...
Hunting vulnerabilities in SCADA systems, we are still too vulnerable to cyber attacks
Stuxnet case is considered by security expert the first concrete act of cyber warfare, a malware specifically designed to hit SCADA systems inside nuclear plants in Iran. The event has alerted the international security community on the risks related to the effects of a cyber attack against...
Embedded Systems, Critical Infrastructure 'Renovation' Outpacing Security
Scott Tousley, deputy director cybersecurity division at Department of Homeland Security Science & Technology, is an advocate of integrating cybersecurity education into all disciplines of IT and business and risk management. “We don’t want to teach cybersecurity as a stovepipe, but to do it so...
DHS Warns ICS, SCADA Owners About Increase in Malicious Activity
An alert from the Department of Homeland Security late last week urges private- and public-sector industrial control system ICS owners to be proactive in auditing the security, particularly, authentication controls of their systems. The alert is in response to a growing concern over the number of...
Modbus Version Scanner
This module detects the Modbus service, tested on a SAIA PCD1.M2 system. Modbus is a clear text protocol used in common SCADA systems, developed originally as a serial-line RS232 async protocol, and later transformed to IP, which is called ModbusTCP. This module requires Metasploit:...